CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-56109

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.1%

CVSS Severity

CVSS v3 Score 8.8

References

https://1drv.ms/f/c/12406a392c92914b/EqEQemupso9DldgG-EcUI8IBLpEWP_S-f6vpeUtYztYYCg?e=gX4A10
https://1drv.ms/t/c/12406a392c92914b/Eebxh85meOlFnvAANaOt7WgBy_WVGYtW6X8dzvZBZSenbw?e=aaqmPN
https://github.com/flegoity/Ruijie-Multiple-Devices-Vulnerability-Reports-for-CVE/blob/main/CVE-2025-56109.md

Products affected by CVE-2025-56109

Ruijie » Rg-Bcr860 » Version: N/A

cpe:2.3:h:ruijie:rg-bcr860:-
Ruijie » Rg-Bcr860 Firmware » Version: N/A

cpe:2.3:o:ruijie:rg-bcr860_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-56109

Products

Pricing

Contact Us